diff options
-rw-r--r-- | include/functions_search.inc.php | 2 | ||||
-rw-r--r-- | search.php | 28 |
2 files changed, 13 insertions, 17 deletions
diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php index 8f6af51dd..425de3e6c 100644 --- a/include/functions_search.inc.php +++ b/include/functions_search.inc.php @@ -223,7 +223,7 @@ function get_regular_search_results($search, $images_where) if (!empty($search_clause)) { $query = ' -SELECT DISTINCT(id) +SELECT id FROM '.IMAGES_TABLE.' i INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id WHERE '.$search_clause; diff --git a/search.php b/search.php index 9e30e38fa..87b8246ce 100644 --- a/search.php +++ b/search.php @@ -39,7 +39,7 @@ if (isset($_POST['submit'])) { if (!is_array($post_value)) { - $_POST[$post_key] = mysql_real_escape_string($post_value); + $_POST[$post_key] = pwg_db_real_escape_string($post_value); } } @@ -106,13 +106,11 @@ if (isset($_POST['submit'])) if (!empty($_POST['start_year'])) { $search['fields'][$type_date.'-after'] = array( - 'date' => join( - '-', - array( - $_POST['start_year'], - $_POST['start_month'] != 0 ? $_POST['start_month'] : '01', - $_POST['start_day'] != 0 ? $_POST['start_day'] : '01', - ) + 'date' => sprintf( + '%d-%02d-%02d', + $_POST['start_year'], + $_POST['start_month'] != 0 ? $_POST['start_month'] : '01', + $_POST['start_day'] != 0 ? $_POST['start_day'] : '01' ), 'inc' => true, ); @@ -121,14 +119,12 @@ if (isset($_POST['submit'])) if (!empty($_POST['end_year'])) { $search['fields'][$type_date.'-before'] = array( - 'date' => join( - '-', - array( - $_POST['end_year'], - $_POST['end_month'] != 0 ? $_POST['end_month'] : '12', - $_POST['end_day'] != 0 ? $_POST['end_day'] : '31', - ) - ), + 'date' => sprintf( + '%d-%02d-%02d', + $_POST['end_year'], + $_POST['end_month'] != 0 ? $_POST['end_month'] : '12', + $_POST['end_day'] != 0 ? $_POST['end_day'] : '31' + ), 'inc' => true, ); } |